What does the Phish Prone Percentage measure?

The Phish Prone Percentage specifically measures the likelihood that employees within an organization will click on phishing links presented to them. This metric is crucial for understanding the vulnerability of an organization's workforce to phishing attacks. The calculation is typically derived from simulated phishing exercises where a specific percentage of employees fall for the simulated phishing attempts, highlighting areas that may require additional training or support.

Understanding this percentage helps organizations identify their risk level related to phishing attacks and implement targeted training programs to improve employee awareness and resilience against these types of cyber threats. Other options focus on different aspects of phishing and security practices, such as the overall number of attacks, detection times, or broader training effectiveness, but the Phish Prone Percentage specifically addresses employee behavior in response to phishing attempts.